Creating a Linux based wireless HID injector with remote payload interface.
Helbling, Marc (2023)
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023101327478
https://urn.fi/URN:NBN:fi:amk-2023101327478
Tiivistelmä
USB is a flexible protocol that provides a lot of functions and HID functionality which is trust by default on most host systems. This makes it not only versatile but also an attractive point of attack. Among the wide range of USB based attacks, even simple methods like keystroke injections represent a significant security risk.
In this paper we explore the dangers and security concerns of USB, by developing our own wireless HID keystroke injector. We examine the core workings of the USB protocol and have a closer look at HID based attack vectors.
During our research and development, we found that the security risks of USB based attacks are far greater than we initially assumed. Such attacks are extremely cheap and simple to deploy, even for bespoke solutions. USB focused attacks are nothing new, but the stagnancy in security improvements implies that the dependency on the legacy implementation of the protocol is too strong to allow for significant changes in its core architecture. If and how this issue will ever be addressed in the future remains to be seen.
In this paper we explore the dangers and security concerns of USB, by developing our own wireless HID keystroke injector. We examine the core workings of the USB protocol and have a closer look at HID based attack vectors.
During our research and development, we found that the security risks of USB based attacks are far greater than we initially assumed. Such attacks are extremely cheap and simple to deploy, even for bespoke solutions. USB focused attacks are nothing new, but the stagnancy in security improvements implies that the dependency on the legacy implementation of the protocol is too strong to allow for significant changes in its core architecture. If and how this issue will ever be addressed in the future remains to be seen.